<?php

namespace app\http\middleware;

use think\Request;

class CORS
{
    public function handle($request, \Closure $next)
    {
        if($request->isOptions()){
            header('Access-Control-Allow-Origin:*');
            header('Access-Control-Allow-Headers:Accept,Referer,Host,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Cookie,api-version');//允许传递的字段
            header('Access-Control-Allow-Credentials:true');
            header('Access-Control-Allow-Methods:POST,GET,PUT,DELETE,OPTIONS');
            header('Access-Control-Max-Age:1728000');
            header('Content-Type:text/plain charset=UTF-8');
            header('Content-Length: 0', true);
            header('status: 204');
            header('HTTP/1.0 204 No Content');
            //return Response::create()->send();
        }else{
            header('Access-Control-Allow-Origin: *');
            header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");
            header('Access-Control-Allow-Methods: POST,GET,PUT,DELETE');
        }

        return $next($request);
    }
}
